xref: /freebsd/contrib/unbound/dnscrypt/cert.h (revision c697fb7f) 
1 #ifndef UNBOUND_DNSCRYPT_CERT_H
2 #define UNBOUND_DNSCRYPT_CERT_H
3 
4 /**
5  * \file
6  * certificate type for dnscrypt for use in other header files
7  */
8 
9 #include <sodium.h>
10 #define CERT_MAGIC_CERT "DNSC"
11 #define CERT_MAJOR_VERSION 1
12 #define CERT_MINOR_VERSION 0
13 #define CERT_OLD_MAGIC_HEADER "7PYqwfzt"
14 
15 #define CERT_FILE_EXPIRE_DAYS 365
16 
17 struct SignedCert {
18     uint8_t magic_cert[4];
19     uint8_t version_major[2];
20     uint8_t version_minor[2];
21 
22     // Signed Content
23     uint8_t signed_content[64];
24     uint8_t server_publickey[crypto_box_PUBLICKEYBYTES];
25     uint8_t magic_query[8];
26     uint8_t serial[4];
27     uint8_t ts_begin[4];
28     uint8_t ts_end[4];
29 };
30 
31 
32 #endif
33