/*
 * cert.h - certificate layout and the build / sign / display entry points.
 *
 * The "DNSC" magic and the use_xchacha20 flag suggest this is the DNSCrypt
 * resolver certificate format - TODO confirm against the implementation file.
 */
#ifndef CERT_H
#define CERT_H

#include <sodium.h>
/* Four-character magic; same width as the magic_cert[4] field below. */
#define CERT_MAGIC_CERT "DNSC"
#define CERT_MAJOR_VERSION 1
#define CERT_MINOR_VERSION 0
/* Eight characters, i.e. the width of magic_query[8]; presumably a legacy
 * query magic kept for older clients - confirm where it is used. */
#define CERT_OLD_MAGIC_HEADER "7PYqwfzt"

/* Presumably the default validity period, in days, for a generated
 * certificate (cert_build_cert takes its own cert_file_expire_days) -
 * confirm against the caller. */
#define CERT_FILE_EXPIRE_DAYS 1

/*
 * Certificate with its signature in place.
 *
 * Every member is a uint8_t array, so the struct carries no member with an
 * alignment requirement above one byte. Multi-byte values (versions, serial,
 * timestamps) are held as raw bytes; the byte order is chosen by the code
 * that fills them - presumably big-endian, confirm.
 */
struct SignedCert {
    uint8_t magic_cert[4];
    uint8_t version_major[2];
    uint8_t version_minor[2];

    uint8_t signature[crypto_sign_BYTES];
    // Signed Content
    // NOTE(review): per this marker only the fields below are under the
    // signature; magic_cert and the version fields above sit outside it.
    // Verify in cert_sign exactly which bytes are covered.
    uint8_t server_publickey[crypto_box_PUBLICKEYBYTES];
    uint8_t magic_query[8];
    uint8_t serial[4];
    uint8_t ts_begin[4];  // validity window start
    uint8_t ts_end[4];    // validity window end
};

/*
 * Same field sequence as struct SignedCert, except that the slot after the
 * version fields is a fixed 64-byte array named signed_content.
 *
 * NOTE(review): the two structs have equal size only while
 * crypto_sign_BYTES == 64; the literal here does not track the libsodium
 * constant. The name signed_content for the slot that holds the signature in
 * struct SignedCert is easy to misread - confirm what it carries before
 * casting between the two types.
 */
struct Cert {
    uint8_t magic_cert[4];
    uint8_t version_major[2];
    uint8_t version_minor[2];

    // Signed Content
    uint8_t signed_content[64];
    uint8_t server_publickey[crypto_box_PUBLICKEYBYTES];
    uint8_t magic_query[8];
    uint8_t serial[4];
    uint8_t ts_begin[4];
    uint8_t ts_end[4];
};


/*
 * Build a certificate for the given public key.
 *
 * crypt_publickey       - key placed in the certificate; presumably
 *                         crypto_box_PUBLICKEYBYTES long (matches
 *                         server_publickey) - confirm.
 * cert_file_expire_days - validity period in days, going by the name.
 * use_xchacha20         - flag; presumably selects the XChaCha20 variant of
 *                         the certificate - confirm.
 *
 * Returns a pointer to the certificate. Ownership and the failure value are
 * not visible in this header - presumably heap-allocated and NULL on error;
 * confirm who frees it.
 */
struct SignedCert *cert_build_cert(const uint8_t *crypt_publickey, int cert_file_expire_days, int use_xchacha20);
/*
 * Sign signed_cert with the provider's secret key.
 *
 * provider_secretkey is long-term signing material: the length expected here
 * is not stated (presumably crypto_sign_SECRETKEYBYTES - confirm), and the
 * caller should keep it out of logs and wipe its copy when done.
 * The meaning of the int result is not visible here - check it against the
 * implementation rather than assuming 0 means success.
 */
int cert_sign(struct SignedCert *signed_cert,
    const uint8_t *provider_secretkey);
/* Display the certificate as a TXT record in tinydns syntax, going by the
 * name; the output destination is not visible in this header. */
void cert_display_txt_record_tinydns(struct SignedCert *signed_cert);
/* Display the certificate as a TXT record; the exact format and output
 * destination are not visible in this header. */
void cert_display_txt_record(struct SignedCert *signed_cert);

#endif