Path: blob/main/crypto/heimdal/lib/gssapi/gssapi_mech.h
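/*-
 * Copyright (c) 2005 Doug Rabson
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 *	$FreeBSD$
 */

#ifndef GSSAPI_MECH_H
#define GSSAPI_MECH_H 1

#include <gssapi.h>

/*
 * Mechanism-side interface of the GSS-API mech glue.
 *
 * Each _gss_* typedef below names the function type of one mechanism
 * entry point.  struct gssapi_mech_interface_desc (further down) holds
 * one pointer per entry point and is the per-mechanism dispatch table
 * returned by __gss_get_mechanism().
 *
 * NOTE(review): size_t, ssize_t and uid_t are used below but only
 * <gssapi.h> is included here; presumably that header (or the including
 * file) declares them -- confirm.
 */

/*
 * Credential acquisition and release.
 */

typedef OM_uint32 GSSAPI_CALLCONV _gss_acquire_cred_t
    (OM_uint32 *,            /* minor_status */
     const gss_name_t,       /* desired_name */
     OM_uint32,              /* time_req */
     const gss_OID_set,      /* desired_mechs */
     gss_cred_usage_t,       /* cred_usage */
     gss_cred_id_t *,        /* output_cred_handle */
     gss_OID_set *,          /* actual_mechs */
     OM_uint32 *             /* time_rec */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_release_cred_t
    (OM_uint32 *,            /* minor_status */
     gss_cred_id_t *         /* cred_handle */
    );

/*
 * Security context establishment and teardown.
 *
 * The input token arguments of the init/accept/process entry points carry
 * bytes produced by the remote peer; an implementation has to parse them
 * as untrusted input.
 */

typedef OM_uint32 GSSAPI_CALLCONV _gss_init_sec_context_t
    (OM_uint32 *,            /* minor_status */
     const gss_cred_id_t,    /* initiator_cred_handle */
     gss_ctx_id_t *,         /* context_handle */
     const gss_name_t,       /* target_name */
     const gss_OID,          /* mech_type */
     OM_uint32,              /* req_flags */
     OM_uint32,              /* time_req */
     const gss_channel_bindings_t, /* input_chan_bindings */
     const gss_buffer_t,     /* input_token */
     gss_OID *,              /* actual_mech_type */
     gss_buffer_t,           /* output_token */
     OM_uint32 *,            /* ret_flags */
     OM_uint32 *             /* time_rec */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_accept_sec_context_t
    (OM_uint32 *,            /* minor_status */
     gss_ctx_id_t *,         /* context_handle */
     const gss_cred_id_t,    /* acceptor_cred_handle */
     const gss_buffer_t,     /* input_token_buffer */
     const gss_channel_bindings_t, /* input_chan_bindings */
     gss_name_t *,           /* src_name */
     gss_OID *,              /* mech_type */
     gss_buffer_t,           /* output_token */
     OM_uint32 *,            /* ret_flags */
     OM_uint32 *,            /* time_rec */
     gss_cred_id_t *         /* delegated_cred_handle */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_process_context_token_t
    (OM_uint32 *,            /* minor_status */
     const gss_ctx_id_t,     /* context_handle */
     const gss_buffer_t      /* token_buffer */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_delete_sec_context_t
    (OM_uint32 *,            /* minor_status */
     gss_ctx_id_t *,         /* context_handle */
     gss_buffer_t            /* output_token */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_context_time_t
    (OM_uint32 *,            /* minor_status */
     const gss_ctx_id_t,     /* context_handle */
     OM_uint32 *             /* time_rec */
    );

/*
 * Per-message protection.
 *
 * The buffers handed to verify_mic and unwrap come from the peer; length
 * and content checks belong in the mechanism, before any use of the data.
 */

typedef OM_uint32 GSSAPI_CALLCONV _gss_get_mic_t
    (OM_uint32 *,            /* minor_status */
     const gss_ctx_id_t,     /* context_handle */
     gss_qop_t,              /* qop_req */
     const gss_buffer_t,     /* message_buffer */
     gss_buffer_t            /* message_token */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_verify_mic_t
    (OM_uint32 *,            /* minor_status */
     const gss_ctx_id_t,     /* context_handle */
     const gss_buffer_t,     /* message_buffer */
     const gss_buffer_t,     /* token_buffer */
     gss_qop_t *             /* qop_state */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_wrap_t
    (OM_uint32 *,            /* minor_status */
     const gss_ctx_id_t,     /* context_handle */
     int,                    /* conf_req_flag */
     gss_qop_t,              /* qop_req */
     const gss_buffer_t,     /* input_message_buffer */
     int *,                  /* conf_state */
     gss_buffer_t            /* output_message_buffer */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_unwrap_t
    (OM_uint32 *,            /* minor_status */
     const gss_ctx_id_t,     /* context_handle */
     const gss_buffer_t,     /* input_message_buffer */
     gss_buffer_t,           /* output_message_buffer */
     int *,                  /* conf_state */
     gss_qop_t *             /* qop_state */
    );

/*
 * Status, mechanism and name support.
 */

typedef OM_uint32 GSSAPI_CALLCONV _gss_display_status_t
    (OM_uint32 *,            /* minor_status */
     OM_uint32,              /* status_value */
     int,                    /* status_type */
     const gss_OID,          /* mech_type */
     OM_uint32 *,            /* message_context */
     gss_buffer_t            /* status_string */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_indicate_mechs_t
    (OM_uint32 *,            /* minor_status */
     gss_OID_set *           /* mech_set */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_compare_name_t
    (OM_uint32 *,            /* minor_status */
     const gss_name_t,       /* name1 */
     const gss_name_t,       /* name2 */
     int *                   /* name_equal */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_display_name_t
    (OM_uint32 *,            /* minor_status */
     const gss_name_t,       /* input_name */
     gss_buffer_t,           /* output_name_buffer */
     gss_OID *               /* output_name_type */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_import_name_t
    (OM_uint32 *,            /* minor_status */
     const gss_buffer_t,     /* input_name_buffer */
     const gss_OID,          /* input_name_type */
     gss_name_t *            /* output_name */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_export_name_t
    (OM_uint32 *,            /* minor_status */
     const gss_name_t,       /* input_name */
     gss_buffer_t            /* exported_name */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_release_name_t
    (OM_uint32 *,            /* minor_status */
     gss_name_t *            /* input_name */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_inquire_cred_t
    (OM_uint32 *,            /* minor_status */
     const gss_cred_id_t,    /* cred_handle */
     gss_name_t *,           /* name */
     OM_uint32 *,            /* lifetime */
     gss_cred_usage_t *,     /* cred_usage */
     gss_OID_set *           /* mechanisms */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_inquire_context_t
    (OM_uint32 *,            /* minor_status */
     const gss_ctx_id_t,     /* context_handle */
     gss_name_t *,           /* src_name */
     gss_name_t *,           /* targ_name */
     OM_uint32 *,            /* lifetime_rec */
     gss_OID *,              /* mech_type */
     OM_uint32 *,            /* ctx_flags */
     int *,                  /* locally_initiated */
     int *                   /* open */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_wrap_size_limit_t
    (OM_uint32 *,            /* minor_status */
     const gss_ctx_id_t,     /* context_handle */
     int,                    /* conf_req_flag */
     gss_qop_t,              /* qop_req */
     OM_uint32,              /* req_output_size */
     OM_uint32 *             /* max_input_size */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_add_cred_t (
     OM_uint32 *,            /* minor_status */
     const gss_cred_id_t,    /* input_cred_handle */
     const gss_name_t,       /* desired_name */
     const gss_OID,          /* desired_mech */
     gss_cred_usage_t,       /* cred_usage */
     OM_uint32,              /* initiator_time_req */
     OM_uint32,              /* acceptor_time_req */
     gss_cred_id_t *,        /* output_cred_handle */
     gss_OID_set *,          /* actual_mechs */
     OM_uint32 *,            /* initiator_time_rec */
     OM_uint32 *             /* acceptor_time_rec */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_inquire_cred_by_mech_t (
     OM_uint32 *,            /* minor_status */
     const gss_cred_id_t,    /* cred_handle */
     const gss_OID,          /* mech_type */
     gss_name_t *,           /* name */
     OM_uint32 *,            /* initiator_lifetime */
     OM_uint32 *,            /* acceptor_lifetime */
     gss_cred_usage_t *      /* cred_usage */
    );

/*
 * Context export/import.
 *
 * NOTE(review): per RFC 2743 the interprocess token serialises an
 * established security context, so it should presumably be handled like
 * key material by callers, and the import side has to validate the token
 * it is given rather than assume it came from a matching export --
 * confirm against the mechanism implementations.
 */

typedef OM_uint32 GSSAPI_CALLCONV _gss_export_sec_context_t (
     OM_uint32 *,            /* minor_status */
     gss_ctx_id_t *,         /* context_handle */
     gss_buffer_t            /* interprocess_token */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_import_sec_context_t (
     OM_uint32 *,            /* minor_status */
     const gss_buffer_t,     /* interprocess_token */
     gss_ctx_id_t *          /* context_handle */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_inquire_names_for_mech_t (
     OM_uint32 *,            /* minor_status */
     const gss_OID,          /* mechanism */
     gss_OID_set *           /* name_types */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_inquire_mechs_for_name_t (
     OM_uint32 *,            /* minor_status */
     const gss_name_t,       /* input_name */
     gss_OID_set *           /* mech_types */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_canonicalize_name_t (
     OM_uint32 *,            /* minor_status */
     const gss_name_t,       /* input_name */
     const gss_OID,          /* mech_type */
     gss_name_t *            /* output_name */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_duplicate_name_t (
     OM_uint32 *,            /* minor_status */
     const gss_name_t,       /* src_name */
     gss_name_t *            /* dest_name */
    );

/*
 * OID-keyed inquiry and option setters.  The meaning of desired_object
 * and of the data exchanged is defined by the mechanism, not by this
 * header.
 */

typedef OM_uint32 GSSAPI_CALLCONV _gss_inquire_sec_context_by_oid (
     OM_uint32 *minor_status,
     const gss_ctx_id_t context_handle,
     const gss_OID desired_object,
     gss_buffer_set_t *data_set
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_inquire_cred_by_oid (
     OM_uint32 *minor_status,
     const gss_cred_id_t cred,
     const gss_OID desired_object,
     gss_buffer_set_t *data_set
    );

/*
 * The second parameter is a context handle (gss_ctx_id_t *), unlike
 * _gss_set_cred_option below, and is named accordingly.
 */
typedef OM_uint32 GSSAPI_CALLCONV _gss_set_sec_context_option (
     OM_uint32 *minor_status,
     gss_ctx_id_t *context_handle,
     const gss_OID desired_object,
     const gss_buffer_t value
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_set_cred_option (
     OM_uint32 *minor_status,
     gss_cred_id_t *cred_handle,
     const gss_OID desired_object,
     const gss_buffer_t value
    );


/*
 * desired_output_len is a signed type (ssize_t): an implementation has to
 * reject negative values before using it as an allocation or copy size.
 */
typedef OM_uint32 GSSAPI_CALLCONV _gss_pseudo_random(
     OM_uint32 *minor_status,
     gss_ctx_id_t context,
     int prf_key,
     const gss_buffer_t prf_in,
     ssize_t desired_output_len,
     gss_buffer_t prf_out
    );

/*
 * IOV variants of wrap/unwrap.  iov_count is a plain int, so it can be
 * negative; implementations should check it before indexing iov.
 */

typedef OM_uint32 GSSAPI_CALLCONV
_gss_wrap_iov_t(OM_uint32 *minor_status,
                gss_ctx_id_t context_handle,
                int conf_req_flag,
                gss_qop_t qop_req,
                int * conf_state,
                gss_iov_buffer_desc *iov,
                int iov_count);

typedef OM_uint32 GSSAPI_CALLCONV
_gss_unwrap_iov_t(OM_uint32 *minor_status,
                  gss_ctx_id_t context_handle,
                  int *conf_state,
                  gss_qop_t *qop_state,
                  gss_iov_buffer_desc *iov,
                  int iov_count);

typedef OM_uint32 GSSAPI_CALLCONV
_gss_wrap_iov_length_t(OM_uint32 * minor_status,
                       gss_ctx_id_t context_handle,
                       int conf_req_flag,
                       gss_qop_t qop_req,
                       int *conf_state,
                       gss_iov_buffer_desc *iov,
                       int iov_count);

/*
 * Credential storage, export and import.
 *
 * NOTE(review): cred_token presumably carries serialised credential
 * material; treat an exported token as a secret and an imported one as
 * untrusted input -- confirm against the mechanism implementations.
 */

typedef OM_uint32 GSSAPI_CALLCONV
_gss_store_cred_t(OM_uint32 *minor_status,
                  gss_cred_id_t input_cred_handle,
                  gss_cred_usage_t cred_usage,
                  const gss_OID desired_mech,
                  OM_uint32 overwrite_cred,
                  OM_uint32 default_cred,
                  gss_OID_set *elements_stored,
                  gss_cred_usage_t *cred_usage_stored);

typedef OM_uint32 GSSAPI_CALLCONV
_gss_export_cred_t(OM_uint32 *minor_status,
                   gss_cred_id_t cred_handle,
                   gss_buffer_t cred_token);

typedef OM_uint32 GSSAPI_CALLCONV
_gss_import_cred_t(OM_uint32 * minor_status,
                   gss_buffer_t cred_token,
                   gss_cred_id_t * cred_handle);


/*
 * credential_data is an untyped pointer whose layout is selected by
 * credential_type (see GSS_C_CRED_PASSWORD / GSS_C_CRED_CERTIFICATE at the
 * end of this header).  An implementation has to match credential_type
 * against the OIDs it supports before interpreting credential_data.
 */
typedef OM_uint32 GSSAPI_CALLCONV
_gss_acquire_cred_ext_t(OM_uint32 * /*minor_status */,
                        const gss_name_t /* desired_name */,
                        gss_const_OID /* credential_type */,
                        const void * /* credential_data */,
                        OM_uint32 /* time_req */,
                        gss_const_OID /* desired_mech */,
                        gss_cred_usage_t /* cred_usage */,
                        gss_cred_id_t * /* output_cred_handle */);

/* Returns nothing: the third argument is a callback taking (void *, gss_OID, gss_cred_id_t). */
typedef void GSSAPI_CALLCONV
_gss_iter_creds_t(OM_uint32 /* flags */,
                  void * /* userctx */,
                  void (* /*cred_iter */ )(void *, gss_OID, gss_cred_id_t));

typedef OM_uint32 GSSAPI_CALLCONV
_gss_destroy_cred_t(OM_uint32 * /* minor_status */,
                    gss_cred_id_t * /* cred */);

typedef OM_uint32 GSSAPI_CALLCONV
_gss_cred_hold_t(OM_uint32 * /* minor_status */,
                 gss_cred_id_t /* cred */);

typedef OM_uint32 GSSAPI_CALLCONV
_gss_cred_unhold_t(OM_uint32 * /* minor_status */,
                   gss_cred_id_t /* cred */);

typedef OM_uint32 GSSAPI_CALLCONV
_gss_cred_label_set_t(OM_uint32 * /* minor_status */,
                      gss_cred_id_t /* cred */,
                      const char * /* label */,
                      gss_buffer_t /* value */);

typedef OM_uint32 GSSAPI_CALLCONV
_gss_cred_label_get_t(OM_uint32 * /* minor_status */,
                      gss_cred_id_t /* cred */,
                      const char * /* label */,
                      gss_buffer_t /* value */);

/*
 * Extended name handling and name attributes.
 */

typedef OM_uint32 GSSAPI_CALLCONV _gss_display_name_ext_t (
     OM_uint32 *,            /* minor_status */
     gss_name_t,             /* name */
     gss_OID,                /* display_as_name_type */
     gss_buffer_t            /* display_name */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_inquire_name_t (
     OM_uint32 *,            /* minor_status */
     gss_name_t,             /* name */
     int *,                  /* name_is_MN */
     gss_OID *,              /* MN_mech */
     gss_buffer_set_t *      /* attrs */
    );

/*
 * NOTE(review): the `authenticated' and `complete' outputs presumably
 * qualify how far `value' can be trusted; callers making authorization
 * decisions from an attribute should check them -- confirm against the
 * mechanism implementations.
 */
typedef OM_uint32 GSSAPI_CALLCONV _gss_get_name_attribute_t (
     OM_uint32 *,            /* minor_status */
     gss_name_t,             /* name */
     gss_buffer_t,           /* attr */
     int *,                  /* authenticated */
     int *,                  /* complete */
     gss_buffer_t,           /* value */
     gss_buffer_t,           /* display_value */
     int *                   /* more */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_set_name_attribute_t (
     OM_uint32 *,            /* minor_status */
     gss_name_t,             /* name */
     int,                    /* complete */
     gss_buffer_t,           /* attr */
     gss_buffer_t            /* value */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_delete_name_attribute_t (
     OM_uint32 *,            /* minor_status */
     gss_name_t,             /* name */
     gss_buffer_t            /* attr */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_export_name_composite_t (
     OM_uint32 *,            /* minor_status */
     gss_name_t,             /* name */
     gss_buffer_t            /* exp_composite_name */
    );

/*
 * Mechanism options: a gss_mo_desc describes one option by OID, with
 * optional get/set callbacks and an opaque ctx pointer.
 */

typedef struct gss_mo_desc_struct gss_mo_desc;

typedef OM_uint32 GSSAPI_CALLCONV
_gss_mo_init (OM_uint32 *, gss_OID, gss_mo_desc **, size_t *);


struct gss_mo_desc_struct {
    gss_OID option;
    OM_uint32 flags;
#define GSS_MO_MA           1
#define GSS_MO_MA_CRITICAL  2
    const char *name;
    void *ctx;
    int (*get)(gss_const_OID, gss_mo_desc *, gss_buffer_t);
    int (*set)(gss_const_OID, gss_mo_desc *, int, gss_buffer_t);
};

/*
 * Local authorization hooks: one writes a uid_t through uidOut for a
 * name, the other takes a name and a user buffer.  Their results feed
 * local access decisions, so a failure status must not be treated as
 * success by the caller.
 */

typedef OM_uint32 GSSAPI_CALLCONV _gss_pname_to_uid_t (
     OM_uint32 *,            /* minor_status */
     const gss_name_t,       /* name */
     const gss_OID,          /* mech_type */
     uid_t *                 /* uidOut */
    );

typedef OM_uint32 GSSAPI_CALLCONV _gss_authorize_localname_t (
     OM_uint32 *,            /* minor_status */
     const gss_name_t,       /* name */
     gss_const_buffer_t,     /* user */
     gss_const_OID           /* user_name_type */
    );

/* mechglue internal */
struct gss_mech_compat_desc_struct;

#define GMI_VERSION 5

/* gm_flags */
#define GM_USE_MG_CRED      1   /* uses mech glue credentials */

/*
 * Per-mechanism dispatch table.
 *
 * The member order fixes the in-memory layout of the table, so members
 * must not be reordered or inserted in the middle.
 *
 * NOTE(review): gm_version is presumably compared with GMI_VERSION when a
 * mechanism is registered, and some entries may legitimately be NULL for
 * mechanisms that do not implement them; this header shows neither, so a
 * dispatcher should check a pointer before calling through it -- confirm.
 */
typedef struct gssapi_mech_interface_desc {
    unsigned                        gm_version;
    const char                      *gm_name;
    gss_OID_desc                    gm_mech_oid;
    unsigned                        gm_flags;
    _gss_acquire_cred_t             *gm_acquire_cred;
    _gss_release_cred_t             *gm_release_cred;
    _gss_init_sec_context_t         *gm_init_sec_context;
    _gss_accept_sec_context_t       *gm_accept_sec_context;
    _gss_process_context_token_t    *gm_process_context_token;
    _gss_delete_sec_context_t       *gm_delete_sec_context;
    _gss_context_time_t             *gm_context_time;
    _gss_get_mic_t                  *gm_get_mic;
    _gss_verify_mic_t               *gm_verify_mic;
    _gss_wrap_t                     *gm_wrap;
    _gss_unwrap_t                   *gm_unwrap;
    _gss_display_status_t           *gm_display_status;
    _gss_indicate_mechs_t           *gm_indicate_mechs;
    _gss_compare_name_t             *gm_compare_name;
    _gss_display_name_t             *gm_display_name;
    _gss_import_name_t              *gm_import_name;
    _gss_export_name_t              *gm_export_name;
    _gss_release_name_t             *gm_release_name;
    _gss_inquire_cred_t             *gm_inquire_cred;
    _gss_inquire_context_t          *gm_inquire_context;
    _gss_wrap_size_limit_t          *gm_wrap_size_limit;
    _gss_add_cred_t                 *gm_add_cred;
    _gss_inquire_cred_by_mech_t     *gm_inquire_cred_by_mech;
    _gss_export_sec_context_t       *gm_export_sec_context;
    _gss_import_sec_context_t       *gm_import_sec_context;
    _gss_inquire_names_for_mech_t   *gm_inquire_names_for_mech;
    _gss_inquire_mechs_for_name_t   *gm_inquire_mechs_for_name;
    _gss_canonicalize_name_t        *gm_canonicalize_name;
    _gss_duplicate_name_t           *gm_duplicate_name;
    _gss_inquire_sec_context_by_oid *gm_inquire_sec_context_by_oid;
    _gss_inquire_cred_by_oid        *gm_inquire_cred_by_oid;
    _gss_set_sec_context_option     *gm_set_sec_context_option;
    _gss_set_cred_option            *gm_set_cred_option;
    _gss_pseudo_random              *gm_pseudo_random;
    _gss_wrap_iov_t                 *gm_wrap_iov;
    _gss_unwrap_iov_t               *gm_unwrap_iov;
    _gss_wrap_iov_length_t          *gm_wrap_iov_length;
    _gss_store_cred_t               *gm_store_cred;
    _gss_export_cred_t              *gm_export_cred;
    _gss_import_cred_t              *gm_import_cred;
    _gss_acquire_cred_ext_t         *gm_acquire_cred_ext;
    _gss_iter_creds_t               *gm_iter_creds;
    _gss_destroy_cred_t             *gm_destroy_cred;
    _gss_cred_hold_t                *gm_cred_hold;
    _gss_cred_unhold_t              *gm_cred_unhold;
    _gss_cred_label_get_t           *gm_cred_label_get;
    _gss_cred_label_set_t           *gm_cred_label_set;
    gss_mo_desc                     *gm_mo;         /* mechanism option descriptors */
    size_t                          gm_mo_num;      /* presumably the element count of gm_mo -- confirm */
    _gss_pname_to_uid_t             *gm_pname_to_uid;
    _gss_authorize_localname_t      *gm_authorize_localname;
    _gss_display_name_ext_t         *gm_display_name_ext;
    _gss_inquire_name_t             *gm_inquire_name;
    _gss_get_name_attribute_t       *gm_get_name_attribute;
    _gss_set_name_attribute_t       *gm_set_name_attribute;
    _gss_delete_name_attribute_t    *gm_delete_name_attribute;
    _gss_export_name_composite_t    *gm_export_name_composite;
    struct gss_mech_compat_desc_struct *gm_compat;
} gssapi_mech_interface_desc, *gssapi_mech_interface;

/* Look up the dispatch table for a mechanism OID. */
gssapi_mech_interface
__gss_get_mechanism(gss_const_OID /* oid */);

/* Initializers returning the dispatch table of each built-in mechanism. */
gssapi_mech_interface __gss_spnego_initialize(void);
gssapi_mech_interface __gss_krb5_initialize(void);
gssapi_mech_interface __gss_ntlm_initialize(void);

void gss_mg_collect_error(gss_OID, OM_uint32, OM_uint32);

/* Helpers with the signature of gss_mo_desc's `get' callback. */
int _gss_mo_get_option_1(gss_const_OID, gss_mo_desc *, gss_buffer_t);
int _gss_mo_get_option_0(gss_const_OID, gss_mo_desc *, gss_buffer_t);
int _gss_mo_get_ctx_as_string(gss_const_OID, gss_mo_desc *, gss_buffer_t);

/* One row of an OID-to-name table: the OID plus its name and descriptions. */
struct _gss_oid_name_table {
    gss_OID oid;
    const char *name;
    const char *short_desc;
    const char *long_desc;
};

extern struct _gss_oid_name_table _gss_ont_mech[];
extern struct _gss_oid_name_table _gss_ont_ma[];

/*
 * Extended credentials acquisition API, not to be exported until
 * it or something equivalent has been standardised.
 */
extern gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_cred_password_oid_desc;
#define GSS_C_CRED_PASSWORD (&__gss_c_cred_password_oid_desc)

extern gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_cred_certificate_oid_desc;
#define GSS_C_CRED_CERTIFICATE (&__gss_c_cred_certificate_oid_desc)

/*
 * credential_data is interpreted according to credential_type; callers
 * must pass a pointer whose type matches the OID they name.
 */
OM_uint32 _gss_acquire_cred_ext
    (OM_uint32 * /*minor_status*/,
     const gss_name_t /*desired_name*/,
     gss_const_OID /*credential_type*/,
     const void * /*credential_data*/,
     OM_uint32 /*time_req*/,
     gss_const_OID /*desired_mech*/,
     gss_cred_usage_t /*cred_usage*/,
     gss_cred_id_t * /*output_cred_handle*/
    );

#endif /* GSSAPI_MECH_H */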