diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 16:09:41 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 16:09:41 +0000 |
commit | 3271d1ac389d2ec93db9c5b9ce0991ce478476cf (patch) | |
tree | 35ff7d180e1ccc061f28535d7435b5ba1789e734 /nts_ke.h | |
parent | Initial commit. (diff) | |
download | chrony-upstream.tar.xz chrony-upstream.zip |
Adding upstream version 4.3.upstream/4.3upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'nts_ke.h')
-rw-r--r-- | nts_ke.h | 81 |
1 files changed, 81 insertions, 0 deletions
diff --git a/nts_ke.h b/nts_ke.h new file mode 100644 index 0000000..e7497af --- /dev/null +++ b/nts_ke.h @@ -0,0 +1,81 @@ +/* + chronyd/chronyc - Programs for keeping computer clocks accurate. + + ********************************************************************** + * Copyright (C) Miroslav Lichvar 2020 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + * + ********************************************************************** + + ======================================================================= + + Header file for the NTS Key Establishment protocol + */ + +#ifndef GOT_NTS_KE_H +#define GOT_NTS_KE_H + +#include "siv.h" + +#define NKE_PORT 4460 + +#define NKE_RECORD_CRITICAL_BIT (1U << 15) +#define NKE_RECORD_END_OF_MESSAGE 0 +#define NKE_RECORD_NEXT_PROTOCOL 1 +#define NKE_RECORD_ERROR 2 +#define NKE_RECORD_WARNING 3 +#define NKE_RECORD_AEAD_ALGORITHM 4 +#define NKE_RECORD_COOKIE 5 +#define NKE_RECORD_NTPV4_SERVER_NEGOTIATION 6 +#define NKE_RECORD_NTPV4_PORT_NEGOTIATION 7 + +#define NKE_NEXT_PROTOCOL_NTPV4 0 + +#define NKE_ERROR_UNRECOGNIZED_CRITICAL_RECORD 0 +#define NKE_ERROR_BAD_REQUEST 1 +#define NKE_ERROR_INTERNAL_SERVER_ERROR 2 + +#define NKE_ALPN_NAME "ntske/1" +#define NKE_EXPORTER_LABEL "EXPORTER-network-time-security" +#define NKE_EXPORTER_CONTEXT_C2S "\x0\x0\x0\xf\x0" +#define NKE_EXPORTER_CONTEXT_S2C "\x0\x0\x0\xf\x1" + +#define NKE_MAX_MESSAGE_LENGTH 16384 +#define NKE_MAX_RECORD_BODY_LENGTH 256 +#define NKE_MAX_COOKIE_LENGTH 256 +#define NKE_MAX_COOKIES 8 +#define NKE_MAX_KEY_LENGTH SIV_MAX_KEY_LENGTH + +#define NKE_RETRY_FACTOR2_CONNECT 4 +#define NKE_RETRY_FACTOR2_TLS 10 +#define NKE_MAX_RETRY_INTERVAL2 19 + +typedef struct { + int length; + unsigned char key[NKE_MAX_KEY_LENGTH]; +} NKE_Key; + +typedef struct { + SIV_Algorithm algorithm; + NKE_Key c2s; + NKE_Key s2c; +} NKE_Context; + +typedef struct { + int length; + unsigned char cookie[NKE_MAX_COOKIE_LENGTH]; +} NKE_Cookie; + +#endif |