This file is indexed.

/usr/include/dns/keyvalues.h is in libbind-dev 1:9.9.5.dfsg-3.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
/*
 * Copyright (C) 2004-2010, 2012  Internet Systems Consortium, Inc. ("ISC")
 * Copyright (C) 1999-2001, 2003  Internet Software Consortium.
 *
 * Permission to use, copy, modify, and/or distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
 * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 * PERFORMANCE OF THIS SOFTWARE.
 */

/* $Id: keyvalues.h,v 1.29 2010/12/23 23:47:08 tbox Exp $ */

#ifndef DNS_KEYVALUES_H
#define DNS_KEYVALUES_H 1

/*! \file dns/keyvalues.h */

/*
 * Flags field of the KEY RR rdata
 */
#define DNS_KEYFLAG_TYPEMASK	0xC000	/*%< Mask for "type" bits */
#define DNS_KEYTYPE_AUTHCONF	0x0000	/*%< Key usable for both */
#define DNS_KEYTYPE_CONFONLY	0x8000	/*%< Key usable for confidentiality */
#define DNS_KEYTYPE_AUTHONLY	0x4000	/*%< Key usable for authentication */
#define DNS_KEYTYPE_NOKEY	0xC000	/*%< No key usable for either; no key */
#define DNS_KEYTYPE_NOAUTH	DNS_KEYTYPE_CONFONLY
#define DNS_KEYTYPE_NOCONF	DNS_KEYTYPE_AUTHONLY

#define DNS_KEYFLAG_RESERVED2	0x2000	/*%< reserved - must be zero */
#define DNS_KEYFLAG_EXTENDED	0x1000	/*%< key has extended flags */
#define DNS_KEYFLAG_RESERVED4	0x0800	/*%< reserved - must be zero */
#define DNS_KEYFLAG_RESERVED5	0x0400	/*%< reserved - must be zero */
#define DNS_KEYFLAG_OWNERMASK	0x0300	/*%< these bits determine the type */
#define DNS_KEYOWNER_USER	0x0000	/*%< key is assoc. with user */
#define DNS_KEYOWNER_ENTITY	0x0200	/*%< key is assoc. with entity eg host */
#define DNS_KEYOWNER_ZONE	0x0100	/*%< key is zone key */
#define DNS_KEYOWNER_RESERVED	0x0300	/*%< reserved meaning */
#define DNS_KEYFLAG_REVOKE	0x0080	/*%< key revoked (per rfc5011) */
#define DNS_KEYFLAG_RESERVED9	0x0040	/*%< reserved - must be zero */
#define DNS_KEYFLAG_RESERVED10	0x0020	/*%< reserved - must be zero */
#define DNS_KEYFLAG_RESERVED11	0x0010	/*%< reserved - must be zero */
#define DNS_KEYFLAG_SIGNATORYMASK 0x000F /*%< key can sign RR's of same name */

#define DNS_KEYFLAG_RESERVEDMASK (DNS_KEYFLAG_RESERVED2 | \
				  DNS_KEYFLAG_RESERVED4 | \
				  DNS_KEYFLAG_RESERVED5 | \
				  DNS_KEYFLAG_RESERVED9 | \
				  DNS_KEYFLAG_RESERVED10 | \
				  DNS_KEYFLAG_RESERVED11 )
#define DNS_KEYFLAG_KSK		0x0001	/*%< key signing key */

#define DNS_KEYFLAG_RESERVEDMASK2 0xFFFF	/*%< no bits defined here */

/* The Algorithm field of the KEY and SIG RR's is an integer, {1..254} */
#define DNS_KEYALG_RSAMD5	1       /*%< RSA with MD5 */
#define DNS_KEYALG_RSA		DNS_KEYALG_RSAMD5
#define DNS_KEYALG_DH		2       /*%< Diffie Hellman KEY */
#define DNS_KEYALG_DSA		3       /*%< DSA KEY */
#define DNS_KEYALG_NSEC3DSA	6
#define DNS_KEYALG_DSS		DNS_ALG_DSA
#define DNS_KEYALG_ECC		4
#define DNS_KEYALG_RSASHA1	5
#define DNS_KEYALG_NSEC3RSASHA1	7
#define DNS_KEYALG_RSASHA256	8
#define DNS_KEYALG_RSASHA512	10
#define DNS_KEYALG_ECCGOST	12
#define DNS_KEYALG_ECDSA256	13
#define DNS_KEYALG_ECDSA384	14
#define DNS_KEYALG_INDIRECT	252
#define DNS_KEYALG_PRIVATEDNS	253
#define DNS_KEYALG_PRIVATEOID	254     /*%< Key begins with OID giving alg */

/* Protocol values  */
#define	DNS_KEYPROTO_RESERVED	0
#define DNS_KEYPROTO_TLS	1
#define DNS_KEYPROTO_EMAIL	2
#define DNS_KEYPROTO_DNSSEC	3
#define DNS_KEYPROTO_IPSEC	4
#define DNS_KEYPROTO_ANY	255

/* Signatures */
#define DNS_SIG_RSAMINBITS	512	/*%< Size of a mod or exp in bits */
#define DNS_SIG_RSAMAXBITS	2552
	/* Total of binary mod and exp */
#define DNS_SIG_RSAMAXBYTES	((DNS_SIG_RSAMAXBITS+7/8)*2+3)
	/*%< Max length of text sig block */
#define DNS_SIG_RSAMAXBASE64	(((DNS_SIG_RSAMAXBYTES+2)/3)*4)
#define DNS_SIG_RSAMINSIZE	((DNS_SIG_RSAMINBITS+7)/8)
#define DNS_SIG_RSAMAXSIZE	((DNS_SIG_RSAMAXBITS+7)/8)

#define DNS_SIG_DSASIGSIZE	41
#define DNS_SIG_DSAMINBITS	512
#define DNS_SIG_DSAMAXBITS	1024
#define DNS_SIG_DSAMINBYTES	213
#define DNS_SIG_DSAMAXBYTES	405

#define DNS_SIG_GOSTSIGSIZE	64

#define DNS_SIG_ECDSA256SIZE	64
#define DNS_SIG_ECDSA384SIZE	96

#define DNS_KEY_ECDSA256SIZE	64
#define DNS_KEY_ECDSA384SIZE	96

#endif /* DNS_KEYVALUES_H */