types.ha (3079B)
use errors;
use types::c;

// A key ID. The negative constants below are special IDs that name one of
// the caller's keyrings rather than a specific key.
export type serial = i32;

// Returned when a desired key was not found.
export type nokey = !void;

// A tagged union of all possible error types.
export type error = !(nokey | errors::error);

// The caller's thread-specific keyring.
export def THREAD_KEYRING: serial = -1;

// The caller's process-specific keyring.
export def PROCESS_KEYRING: serial = -2;

// The caller's session-specific keyring.
export def SESSION_KEYRING: serial = -3;

// The caller's UID-specific keyring.
export def USER_KEYRING: serial = -4;

// The caller's UID-session keyring.
export def USER_SESSION_KEYRING: serial = -5;

// The caller's GID-specific keyring.
export def GROUP_KEYRING: serial = -6;

// The request-key authorisation key assumed by the caller.
// NOTE(review): this comment previously read "The caller's GID-session
// keyring", which does not match the constant's name; the wording here
// follows the name and [[command::ASSUME_AUTHORITY]] - confirm against
// keyctl(2).
export def REQKEY_AUTH_KEY: serial = -7;

// The Key ID for the [[reqkey]] destination keyring.
export def REQUESTOR_KEYRING: serial = -8;

// Default destination keyrings for request-key.
//
// These are selectors, not key IDs: the members share names with the
// special [[serial]] constants above but carry different (non-negative)
// values, so e.g. reqkey::THREAD_KEYRING (1) must not be passed where
// THREAD_KEYRING (-1) is expected, or the reverse.
export type reqkey = enum int {
	NO_CHANGE = -1,
	DEFAULT = 0,
	THREAD_KEYRING = 1,
	PROCESS_KEYRING = 2,
	SESSION_KEYRING = 3,
	USER_KEYRING = 4,
	USER_SESSION_KEYRING = 5,
	GROUP_KEYRING = 6,
	REQUESTOR_KEYRING = 7,
};

// keyctl commands. Presumably these are the operation codes handed to the
// keyctl system call; the call site is not part of this file.
export type command = enum int {
	GET_KEYRING_ID = 0,
	JOIN_SESSION_KEYRING = 1,
	UPDATE = 2,
	REVOKE = 3,
	CHOWN = 4,
	SETPERM = 5,
	DESCRIBE = 6,
	CLEAR = 7,
	LINK = 8,
	UNLINK = 9,
	SEARCH = 10,
	READ = 11,
	INSTANTIATE = 12,
	NEGATE = 13,
	SET_REQKEY_KEYRING = 14,
	SET_TIMEOUT = 15,
	ASSUME_AUTHORITY = 16,
	GET_SECURITY = 17,
	SESSION_TO_PARENT = 18,
	REJECT = 19,
	INSTANTIATE_IOV = 20,
	INVALIDATE = 21,
	GET_PERSISTENT = 22,
	DH_COMPUTE = 23,
	PKEY_QUERY = 24,
	PKEY_ENCRYPT = 25,
	PKEY_DECRYPT = 26,
	PKEY_SIGN = 27,
	PKEY_VERIFY = 28,
	RESTRICT_KEYRING = 29,
	MOVE = 30,
	CAPABILITIES = 31,
	WATCH_KEY = 32,
};

// Input for [[command::DH_COMPUTE]]
// NOTE(review): each field is an i32, the same width as [[serial]]; in the
// kernel interface these are expected to be IDs of keys holding the
// private value, prime and base, not the numbers themselves - confirm and
// consider typing them as [[serial]].
export type dh_params = struct {
	private: i32,
	prime: i32,
	base: i32,
};

// Key-derivation parameters for [[command::DH_COMPUTE]]
// NOTE(review): this was labelled "Output", but every field is something
// the caller supplies (two pointers and a length) - confirm against
// keyctl(2). otherinfolen has to describe the buffer otherinfo points to,
// and __spare is reserved padding that presumably must be zeroed before
// the struct is handed to the kernel.
export type kdf_params = struct {
	hashname: *c::char,
	otherinfo: *c::char,
	otherinfolen: u32,
	__spare: [8]u32,
};

// Bit flags naming public-key operations. Presumably these are the bits
// reported in [[pkey_query]].supported_ops, which has the same u32 width.
export type support = enum u32 {
	SUPPORTS_ENCRYPT = 0x01,
	SUPPORTS_DECRYPT = 0x02,
	SUPPORTS_SIGN = 0x04,
	SUPPORTS_VERIFY = 0x08,
};

// Public-key information, presumably filled in by [[command::PKEY_QUERY]].
// The max_*_size fields give callers the limits to size their buffers by
// before requesting an encrypt, decrypt or sign operation.
export type pkey_query = struct {
	supported_ops: u32,
	key_size: u32,
	max_data_size: u16,
	max_sig_size: u16,
	max_enc_size: u16,
	max_dec_size: u16,
	__spare: [10]u32,
};

// Parameters for the PKEY_* operations in [[command]] (presumably
// [[command::PKEY_ENCRYPT]] through [[command::PKEY_VERIFY]]).
// The anonymous union overlays out_len and in2_len on the same four
// bytes, so only one of them is meaningful for a given operation.
// NOTE(review): the lengths are trusted as given; callers should make
// sure they match the buffers actually passed alongside this struct.
export type pkey_params = struct {
	key_id: i32,
	in_len: u32,
	union {
		out_len: u32,
		in2_len: u32,
	},
	__spare: [7]u32,
};

// Capability flag bits.
//
// The CAPS0_* and CAPS1_* groups reuse the values 0x01, 0x02 and 0x04, so
// a flag only has meaning relative to its own group: presumably CAPS0_*
// apply to the first byte returned by [[command::CAPABILITIES]] and
// CAPS1_* to the second. Testing a CAPS1_* flag against the first byte
// would silently report the wrong feature.
export type caps = enum u8 {
	CAPS0_CAPABILITIES = 0x01,
	CAPS0_PERSISTENT_KEYRINGS = 0x02,
	CAPS0_DIFFIE_HELLMAN = 0x04,
	CAPS0_PUBLIC_KEY = 0x08,
	CAPS0_BIG_KEY = 0x10,
	CAPS0_INVALIDATE = 0x20,
	CAPS0_RESTRICT_KEYRING = 0x40,
	CAPS0_MOVE = 0x80,
	CAPS1_NS_KEYRING_NAME = 0x01,
	CAPS1_NS_KEY_TAG = 0x02,
	CAPS1_NOTIFICATIONS = 0x04,
};

// Converts an [[error]] into a human-friendly string.
//
// [[nokey]] maps to a fixed message; any other member of [[error]] is an
// [[errors::error]] and is delegated to [[errors::strerror]].
export fn strerror(err: error) const str = match (err) {
case nokey =>
	return "A desired key was not found";
case let err: errors::error =>
	return errors::strerror(err);
};