lib » dns » include » dns

keyvalues.h

Go to the documentation of this file.
00001 /*
00002  * Copyright (C) 2004-2010, 2012  Internet Systems Consortium, Inc. ("ISC")
00003  * Copyright (C) 1999-2001, 2003  Internet Software Consortium.
00004  *
00005  * Permission to use, copy, modify, and/or distribute this software for any
00006  * purpose with or without fee is hereby granted, provided that the above
00007  * copyright notice and this permission notice appear in all copies.
00008  *
00009  * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
00010  * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
00011  * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
00012  * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
00013  * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
00014  * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
00015  * PERFORMANCE OF THIS SOFTWARE.
00016  */
00017 
00018 /* $Id: keyvalues.h,v 1.29 2010/12/23 23:47:08 tbox Exp $ */
00019 
00020 #ifndef DNS_KEYVALUES_H
00021 #define DNS_KEYVALUES_H 1
00022 
00023 /*! \file dns/keyvalues.h */
00024 
00025 /*
00026  * Flags field of the KEY RR rdata
00027  */
00028 #define DNS_KEYFLAG_TYPEMASK    0xC000  /*%< Mask for "type" bits */
00029 #define DNS_KEYTYPE_AUTHCONF    0x0000  /*%< Key usable for both */
00030 #define DNS_KEYTYPE_CONFONLY    0x8000  /*%< Key usable for confidentiality */
00031 #define DNS_KEYTYPE_AUTHONLY    0x4000  /*%< Key usable for authentication */
00032 #define DNS_KEYTYPE_NOKEY       0xC000  /*%< No key usable for either; no key */
00033 #define DNS_KEYTYPE_NOAUTH      DNS_KEYTYPE_CONFONLY
00034 #define DNS_KEYTYPE_NOCONF      DNS_KEYTYPE_AUTHONLY
00035 
00036 #define DNS_KEYFLAG_RESERVED2   0x2000  /*%< reserved - must be zero */
00037 #define DNS_KEYFLAG_EXTENDED    0x1000  /*%< key has extended flags */
00038 #define DNS_KEYFLAG_RESERVED4   0x0800  /*%< reserved - must be zero */
00039 #define DNS_KEYFLAG_RESERVED5   0x0400  /*%< reserved - must be zero */
00040 #define DNS_KEYFLAG_OWNERMASK   0x0300  /*%< these bits determine the type */
00041 #define DNS_KEYOWNER_USER       0x0000  /*%< key is assoc. with user */
00042 #define DNS_KEYOWNER_ENTITY     0x0200  /*%< key is assoc. with entity eg host */
00043 #define DNS_KEYOWNER_ZONE       0x0100  /*%< key is zone key */
00044 #define DNS_KEYOWNER_RESERVED   0x0300  /*%< reserved meaning */
00045 #define DNS_KEYFLAG_REVOKE      0x0080  /*%< key revoked (per rfc5011) */
00046 #define DNS_KEYFLAG_RESERVED9   0x0040  /*%< reserved - must be zero */
00047 #define DNS_KEYFLAG_RESERVED10  0x0020  /*%< reserved - must be zero */
00048 #define DNS_KEYFLAG_RESERVED11  0x0010  /*%< reserved - must be zero */
00049 #define DNS_KEYFLAG_SIGNATORYMASK 0x000F /*%< key can sign RR's of same name */
00050 
00051 #define DNS_KEYFLAG_RESERVEDMASK (DNS_KEYFLAG_RESERVED2 | \
00052                                   DNS_KEYFLAG_RESERVED4 | \
00053                                   DNS_KEYFLAG_RESERVED5 | \
00054                                   DNS_KEYFLAG_RESERVED9 | \
00055                                   DNS_KEYFLAG_RESERVED10 | \
00056                                   DNS_KEYFLAG_RESERVED11 )
00057 #define DNS_KEYFLAG_KSK         0x0001  /*%< key signing key */
00058 
00059 #define DNS_KEYFLAG_RESERVEDMASK2 0xFFFF        /*%< no bits defined here */
00060 
00061 /* The Algorithm field of the KEY and SIG RR's is an integer, {1..254} */
00062 #define DNS_KEYALG_RSAMD5       1       /*%< RSA with MD5 */
00063 #define DNS_KEYALG_RSA          DNS_KEYALG_RSAMD5
00064 #define DNS_KEYALG_DH           2       /*%< Diffie Hellman KEY */
00065 #define DNS_KEYALG_DSA          3       /*%< DSA KEY */
00066 #define DNS_KEYALG_NSEC3DSA     6
00067 #define DNS_KEYALG_DSS          DNS_ALG_DSA
00068 #define DNS_KEYALG_ECC          4
00069 #define DNS_KEYALG_RSASHA1      5
00070 #define DNS_KEYALG_NSEC3RSASHA1 7
00071 #define DNS_KEYALG_RSASHA256    8
00072 #define DNS_KEYALG_RSASHA512    10
00073 #define DNS_KEYALG_ECCGOST      12
00074 #define DNS_KEYALG_ECDSA256     13
00075 #define DNS_KEYALG_ECDSA384     14
00076 #define DNS_KEYALG_INDIRECT     252
00077 #define DNS_KEYALG_PRIVATEDNS   253
00078 #define DNS_KEYALG_PRIVATEOID   254     /*%< Key begins with OID giving alg */
00079 
00080 /* Protocol values  */
00081 #define DNS_KEYPROTO_RESERVED   0
00082 #define DNS_KEYPROTO_TLS        1
00083 #define DNS_KEYPROTO_EMAIL      2
00084 #define DNS_KEYPROTO_DNSSEC     3
00085 #define DNS_KEYPROTO_IPSEC      4
00086 #define DNS_KEYPROTO_ANY        255
00087 
00088 /* Signatures */
00089 #define DNS_SIG_RSAMINBITS      512     /*%< Size of a mod or exp in bits */
00090 #define DNS_SIG_RSAMAXBITS      2552
00091         /* Total of binary mod and exp */
00092 #define DNS_SIG_RSAMAXBYTES     ((DNS_SIG_RSAMAXBITS+7/8)*2+3)
00093         /*%< Max length of text sig block */
00094 #define DNS_SIG_RSAMAXBASE64    (((DNS_SIG_RSAMAXBYTES+2)/3)*4)
00095 #define DNS_SIG_RSAMINSIZE      ((DNS_SIG_RSAMINBITS+7)/8)
00096 #define DNS_SIG_RSAMAXSIZE      ((DNS_SIG_RSAMAXBITS+7)/8)
00097 
00098 #define DNS_SIG_DSASIGSIZE      41
00099 #define DNS_SIG_DSAMINBITS      512
00100 #define DNS_SIG_DSAMAXBITS      1024
00101 #define DNS_SIG_DSAMINBYTES     213
00102 #define DNS_SIG_DSAMAXBYTES     405
00103 
00104 #define DNS_SIG_GOSTSIGSIZE     64
00105 
00106 #define DNS_SIG_ECDSA256SIZE    64
00107 #define DNS_SIG_ECDSA384SIZE    96
00108 
00109 #define DNS_KEY_ECDSA256SIZE    64
00110 #define DNS_KEY_ECDSA384SIZE    96
00111 
00112 #endif /* DNS_KEYVALUES_H */
Generated on Tue Apr 28 17:40:57 2015 by Doxygen 1.5.4 for BIND9 Internals 9.11.0pre-alpha