Verbatim from RFC 2744.
[shishi.git] / gss / gssapi.h
1 #ifndef GSSAPI_H_
2 #define GSSAPI_H_
6 /*
7 * First, include stddef.h to get size_t defined.
8 */
9 #include <stddef.h>
12 * If the platform supports the xom.h header file, it should be
13 * included here.
15 #include <xom.h>
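/*
 * Now define the three implementation-dependent types.
 *
 * The <platform-specific> placeholders are template text: an
 * implementation must substitute its own handle types before this
 * header can be compiled.
 */
typedef <platform-specific> gss_ctx_id_t;
typedef <platform-specific> gss_cred_id_t;
typedef <platform-specific> gss_name_t;

/*
 * The following type must be defined as the smallest natural
 * unsigned integer supported by the platform that has at least
 * 32 bits of precision.
 */
typedef <platform-specific> gss_uint32;

#ifdef OM_STRING
/*
 * We have included the xom.h header file.  Verify that OM_uint32
 * is defined correctly.
 *
 * The preprocessor cannot evaluate sizeof, so an "#if sizeof(...)"
 * test is itself a compile error.  The check is done by the compiler
 * instead: the array below gets a negative size, and the build stops,
 * when xom.h supplies an incompatible definition of OM_uint32.
 */
typedef char gss_uint32_matches_OM_uint32
  [(sizeof(gss_uint32) == sizeof(OM_uint32)) ? 1 : -1];

typedef OM_object_identifier gss_OID_desc, *gss_OID;
#else
/*
 * We can't use X/Open definitions, so roll our own.
 */
typedef gss_uint32 OM_uint32;

/* An object identifier: `length` bytes of encoded OID at `elements`. */
typedef struct gss_OID_desc_struct {
  OM_uint32 length;
  void *elements;
} gss_OID_desc, *gss_OID;
#endif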
/*
 * A set of object identifiers: `count` entries stored contiguously
 * starting at `elements`.
 */
struct gss_OID_set_desc_struct {
  size_t count;
  gss_OID elements;
};
typedef struct gss_OID_set_desc_struct gss_OID_set_desc;
typedef struct gss_OID_set_desc_struct *gss_OID_set;
/*
 * Generic byte buffer used for tokens, messages and printable names.
 * `length` is the number of bytes available at `value`; a reader must
 * honour `length` and must not assume the data is NUL-terminated.
 */
struct gss_buffer_desc_struct {
  size_t length;
  void *value;
};
typedef struct gss_buffer_desc_struct gss_buffer_desc;
typedef struct gss_buffer_desc_struct *gss_buffer_t;
/*
 * Channel bindings: the address type and address of the initiator and
 * of the acceptor, plus caller-supplied application data.  Address
 * types take the GSS_C_AF_* values defined below.
 */
struct gss_channel_bindings_struct {
  OM_uint32 initiator_addrtype;
  gss_buffer_desc initiator_address;
  OM_uint32 acceptor_addrtype;
  gss_buffer_desc acceptor_address;
  gss_buffer_desc application_data;
};
typedef struct gss_channel_bindings_struct *gss_channel_bindings_t;
/* Credential usage selector; holds GSS_C_BOTH, GSS_C_INITIATE or GSS_C_ACCEPT. */
typedef int gss_cred_usage_t;

/*
 * For now, define a QOP-type as an OM_uint32
 */
typedef OM_uint32 gss_qop_t;
/*
 * Flag bits for context-level services.
 *
 * Each flag is a distinct bit, so they combine with bitwise OR.  A
 * requested flag is only a request: callers should test the flags
 * reported back for the established context before relying on a
 * service.  GSS_C_DELEG_FLAG hands the initiator's credentials to the
 * acceptor, so it should be requested only toward peers trusted to act
 * on the initiator's behalf.
 */
#define GSS_C_DELEG_FLAG      0x001 /* credential delegation */
#define GSS_C_MUTUAL_FLAG     0x002 /* mutual authentication */
#define GSS_C_REPLAY_FLAG     0x004 /* replay detection */
#define GSS_C_SEQUENCE_FLAG   0x008 /* out-of-sequence detection */
#define GSS_C_CONF_FLAG       0x010 /* confidentiality */
#define GSS_C_INTEG_FLAG      0x020 /* integrity */
#define GSS_C_ANON_FLAG       0x040 /* anonymous initiator */
#define GSS_C_PROT_READY_FLAG 0x080 /* per-message protection ready */
#define GSS_C_TRANS_FLAG      0x100 /* context is transferable */
/*
 * Credential usage options
 */
#define GSS_C_BOTH     0 /* usable to initiate and to accept */
#define GSS_C_INITIATE 1 /* usable to initiate only */
#define GSS_C_ACCEPT   2 /* usable to accept only */
/*
 * Status code types for gss_display_status
 */
#define GSS_C_GSS_CODE  1 /* the value is a GSS-API (major) status */
#define GSS_C_MECH_CODE 2 /* the value is a mechanism (minor) status */
/*
 * The constant definitions for channel-bindings address families
 *
 * These are the values stored in the initiator_addrtype and
 * acceptor_addrtype members of the channel-bindings structure.  The
 * list assigns no constant to the value 20.
 */
#define GSS_C_AF_UNSPEC     0
#define GSS_C_AF_LOCAL      1
#define GSS_C_AF_INET       2
#define GSS_C_AF_IMPLINK    3
#define GSS_C_AF_PUP        4
#define GSS_C_AF_CHAOS      5
#define GSS_C_AF_NS         6
#define GSS_C_AF_NBS        7
#define GSS_C_AF_ECMA       8
#define GSS_C_AF_DATAKIT    9
#define GSS_C_AF_CCITT      10
#define GSS_C_AF_SNA        11
#define GSS_C_AF_DECnet     12
#define GSS_C_AF_DLI        13
#define GSS_C_AF_LAT        14
#define GSS_C_AF_HYLINK     15
#define GSS_C_AF_APPLETALK  16
#define GSS_C_AF_BSC        17
#define GSS_C_AF_DSS        18
#define GSS_C_AF_OSI        19
#define GSS_C_AF_X25        21

/* Marks an address field that carries no address. */
#define GSS_C_AF_NULLADDR   255
/*
 * Various Null values
 *
 * Each macro is the "absent" value for one handle or pointer type.
 * GSS_C_EMPTY_BUFFER is a brace initializer for a buffer descriptor
 * (zero length, null data pointer), not an expression.
 */
#define GSS_C_NO_NAME             ((gss_name_t) 0)
#define GSS_C_NO_BUFFER           ((gss_buffer_t) 0)
#define GSS_C_NO_OID              ((gss_OID) 0)
#define GSS_C_NO_OID_SET          ((gss_OID_set) 0)
#define GSS_C_NO_CONTEXT          ((gss_ctx_id_t) 0)
#define GSS_C_NO_CREDENTIAL       ((gss_cred_id_t) 0)
#define GSS_C_NO_CHANNEL_BINDINGS ((gss_channel_bindings_t) 0)
#define GSS_C_EMPTY_BUFFER        {0, NULL}

/*
 * Some alternate names for a couple of the above
 * values.  These are defined for V1 compatibility.
 */
#define GSS_C_NULL_OID     GSS_C_NO_OID
#define GSS_C_NULL_OID_SET GSS_C_NO_OID_SET
/*
 * Define the default Quality of Protection for per-message
 * services.  Note that an implementation that offers multiple
 * levels of QOP may define GSS_C_QOP_DEFAULT to be either zero
 * (as done here) to mean "default protection", or to a specific
 * explicit QOP value.  However, a value of 0 should always be
 * interpreted by a GSS-API implementation as a request for the
 * default protection level.
 */
#define GSS_C_QOP_DEFAULT (0)
173 * Expiration time of 2^32-1 seconds means infinite lifetime for a
174 * cred
175 gss_OID * /* output_name_type */
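/*
 * Convert the name held in input_name_buffer, interpreted according to
 * input_name_type, into an internal name returned through output_name.
 *
 * minor_status is a result of the call, so it is taken by pointer (as
 * gss_release_name already does); a by-value OM_uint32 could not carry
 * the mechanism status back to the caller.
 */
OM_uint32 gss_import_name
  (OM_uint32 *,          /* minor_status */
   const gss_buffer_t,   /* input_name_buffer */
   const gss_OID,        /* input_name_type */
   gss_name_t *          /* output_name */
  );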
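/*
 * Produce the exported form of input_name in the caller-supplied
 * buffer descriptor exported_name.
 *
 * minor_status is a result of the call, so it is taken by pointer (as
 * gss_release_name already does) rather than by value.
 */
OM_uint32 gss_export_name
  (OM_uint32 *,          /* minor_status */
   const gss_name_t,     /* input_name */
   gss_buffer_t          /* exported_name */
  );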
/*
 * Release the internal name that input_name points to.  Both
 * parameters are pointers: the mechanism status is written through the
 * first, and the name handle is passed by reference.
 */
OM_uint32 gss_release_name(OM_uint32 * /* minor_status */,
                           gss_name_t * /* input_name */);
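/*
 * Release the storage attached to a buffer descriptor that a GSS-API
 * routine filled in.
 *
 * minor_status is a result of the call, so it is taken by pointer (as
 * gss_release_name already does) rather than by value.
 */
OM_uint32 gss_release_buffer
  (OM_uint32 *,          /* minor_status */
   gss_buffer_t          /* buffer */
  );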
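/*
 * Release an OID set that a GSS-API routine returned; the set handle
 * is passed by reference.
 *
 * minor_status is a result of the call, so it is taken by pointer (as
 * gss_release_name already does) rather than by value.
 */
OM_uint32 gss_release_oid_set
  (OM_uint32 *,          /* minor_status */
   gss_OID_set *         /* set */
  );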
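/*
 * Report the name, remaining lifetime, usage and mechanisms of the
 * credential cred_handle.
 *
 * Every parameter after cred_handle is a result, as is minor_status,
 * so each is declared as a pointer.  The by-value forms gave the
 * routine no way to return these values to the caller.
 */
OM_uint32 gss_inquire_cred
  (OM_uint32 *,          /* minor_status */
   const gss_cred_id_t,  /* cred_handle */
   gss_name_t *,         /* name */
   OM_uint32 *,          /* lifetime */
   gss_cred_usage_t *,   /* cred_usage */
   gss_OID_set *         /* mechanisms */
  );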
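/*
 * Report the properties of the security context context_handle: the
 * two peer names, remaining lifetime, mechanism, service flags, which
 * side initiated it, and whether establishment has completed.
 *
 * Every parameter after context_handle is a result, as is
 * minor_status, so each is declared as a pointer; by value, none of
 * them could be returned.  ctx_flags reports the GSS_C_*_FLAG services
 * that apply to the context, and open tells whether the context is
 * fully established; callers should consult both before relying on a
 * protection service.
 */
OM_uint32 gss_inquire_context (
   OM_uint32 *,          /* minor_status */
   const gss_ctx_id_t,   /* context_handle */
   gss_name_t *,         /* src_name */
   gss_name_t *,         /* targ_name */
   OM_uint32 *,          /* lifetime_rec */
   gss_OID *,            /* mech_type */
   OM_uint32 *,          /* ctx_flags */
   int *,                /* locally_initiated */
   int *                 /* open */
  );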
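/*
 * Compute, for the given context, confidentiality request and QOP, the
 * largest input message whose wrapped token will not exceed
 * req_output_size bytes; the answer is returned through
 * max_input_size.
 *
 * minor_status is a result of the call, so it is taken by pointer (as
 * gss_release_name already does) rather than by value.
 */
OM_uint32 gss_wrap_size_limit (
   OM_uint32 *,          /* minor_status */
   const gss_ctx_id_t,   /* context_handle */
   int,                  /* conf_req_flag */
   gss_qop_t,            /* qop_req */
   OM_uint32,            /* req_output_size */
   OM_uint32 *           /* max_input_size */
  );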
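/*
 * Add a credential element for desired_name and desired_mech to
 * input_cred_handle, with the requested usage and lifetimes.
 *
 * output_cred_handle, actual_mechs and the two *_time_rec values are
 * results, as is minor_status, so each is declared as a pointer; by
 * value, the new credential handle could never reach the caller.
 */
OM_uint32 gss_add_cred (
   OM_uint32 *,          /* minor_status */
   const gss_cred_id_t,  /* input_cred_handle */
   const gss_name_t,     /* desired_name */
   const gss_OID,        /* desired_mech */
   gss_cred_usage_t,     /* cred_usage */
   OM_uint32,            /* initiator_time_req */
   OM_uint32,            /* acceptor_time_req */
   gss_cred_id_t *,      /* output_cred_handle */
   gss_OID_set *,        /* actual_mechs */
   OM_uint32 *,          /* initiator_time_rec */
   OM_uint32 *           /* acceptor_time_rec */
  );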
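/*
 * Report, for one mechanism of the credential cred_handle, the name,
 * the initiator and acceptor lifetimes, and the usage.
 *
 * Every parameter after mech_type is a result, as is minor_status, so
 * each is declared as a pointer rather than by value.
 */
OM_uint32 gss_inquire_cred_by_mech (
   OM_uint32 *,          /* minor_status */
   const gss_cred_id_t,  /* cred_handle */
   const gss_OID,        /* mech_type */
   gss_name_t *,         /* name */
   OM_uint32 *,          /* initiator_lifetime */
   OM_uint32 *,          /* acceptor_lifetime */
   gss_cred_usage_t *    /* cred_usage */
  );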
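/*
 * Serialise an established security context into interprocess_token
 * so that another process can take it over.
 *
 * The interprocess token may contain security-sensitive material such
 * as session keys.  It should only travel over a channel that protects
 * it, and the buffer should be released as soon as it has been handed
 * over.
 *
 * context_handle is passed by reference because the routine
 * invalidates the caller's handle on success, and minor_status is a
 * result; both are therefore pointers rather than by-value parameters.
 */
OM_uint32 gss_export_sec_context (
   OM_uint32 *,          /* minor_status */
   gss_ctx_id_t *,       /* context_handle */
   gss_buffer_t          /* interprocess_token */
  );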
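/*
 * Rebuild a security context from a token produced by
 * gss_export_sec_context and return it through context_handle.
 *
 * The token is trusted input that determines the keys and state of the
 * resulting context, so it should be accepted only from the process
 * that exported it and only over a protected channel.
 *
 * minor_status is a result of the call, so it is taken by pointer (as
 * gss_release_name already does) rather than by value.
 */
OM_uint32 gss_import_sec_context (
   OM_uint32 *,          /* minor_status */
   const gss_buffer_t,   /* interprocess_token */
   gss_ctx_id_t *        /* context_handle */
  );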
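/*
 * Create an OID set with no members and return it through oid_set.
 *
 * minor_status is a result of the call, so it is taken by pointer (as
 * gss_release_name already does) rather than by value.
 */
OM_uint32 gss_create_empty_oid_set (
   OM_uint32 *,          /* minor_status */
   gss_OID_set *         /* oid_set */
  );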
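/*
 * Add member_oid to the OID set that oid_set points to.
 *
 * minor_status is a result of the call, so it is taken by pointer (as
 * gss_release_name already does) rather than by value.
 */
OM_uint32 gss_add_oid_set_member (
   OM_uint32 *,          /* minor_status */
   const gss_OID,        /* member_oid */
   gss_OID_set *         /* oid_set */
  );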
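/*
 * Test whether member belongs to set; the answer is written through
 * present.
 *
 * minor_status is a result of the call, so it is taken by pointer (as
 * gss_release_name already does) rather than by value.
 */
OM_uint32 gss_test_oid_set_member (
   OM_uint32 *,          /* minor_status */
   const gss_OID,        /* member */
   const gss_OID_set,    /* set */
   int *                 /* present */
  );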
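/*
 * Return, through name_types, the set of name types supported by the
 * given mechanism.
 *
 * minor_status is a result of the call, so it is taken by pointer (as
 * gss_release_name already does) rather than by value.
 */
OM_uint32 gss_inquire_names_for_mech (
   OM_uint32 *,          /* minor_status */
   const gss_OID,        /* mechanism */
   gss_OID_set *         /* name_types */
  );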
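/*
 * Return, through mech_types, the set of mechanisms that may be able
 * to process input_name.
 *
 * minor_status is a result of the call, so it is taken by pointer (as
 * gss_release_name already does) rather than by value.
 */
OM_uint32 gss_inquire_mechs_for_name (
   OM_uint32 *,          /* minor_status */
   const gss_name_t,     /* input_name */
   gss_OID_set *         /* mech_types */
  );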
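/*
 * Produce, through output_name, the form of input_name specific to the
 * mechanism mech_type.
 *
 * minor_status is a result of the call, so it is taken by pointer (as
 * gss_release_name already does) rather than by value.
 */
OM_uint32 gss_canonicalize_name (
   OM_uint32 *,          /* minor_status */
   const gss_name_t,     /* input_name */
   const gss_OID,        /* mech_type */
   gss_name_t *          /* output_name */
  );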
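/*
 * Create a copy of src_name and return it through dest_name.
 *
 * minor_status is a result of the call, so it is taken by pointer (as
 * gss_release_name already does) rather than by value.
 */
OM_uint32 gss_duplicate_name (
   OM_uint32 *,          /* minor_status */
   const gss_name_t,     /* src_name */
   gss_name_t *          /* dest_name */
  );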
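/*
 * The following routines are obsolete variants of gss_get_mic,
 * gss_verify_mic, gss_wrap and gss_unwrap.  They should be
 * provided by GSS-API V2 implementations for backwards
 * compatibility with V1 applications.  Distinct entrypoints
 * (as opposed to #defines) should be provided, both to allow
 * GSS-API V1 applications to link against GSS-API V2 implementations,
 * and to retain the slight parameter type differences between the
 * obsolete versions of these routines and their current forms.
 */

/*
 * V1 form of gss_get_mic: compute an integrity token for
 * message_buffer and return it in message_token.  qop_req is a plain
 * int here, one of the parameter type differences mentioned above.
 *
 * minor_status is a result of the call, so it is taken by pointer (as
 * gss_release_name already does) rather than by value.
 */
OM_uint32 gss_sign
  (OM_uint32 *,          /* minor_status */
   gss_ctx_id_t,         /* context_handle */
   int,                  /* qop_req */
   gss_buffer_t,         /* message_buffer */
   gss_buffer_t          /* message_token */
  );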
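/*
 * V1 form of gss_verify_mic: check token_buffer against
 * message_buffer.  The message is authentic only when the returned
 * major status says so; callers must not use the message on any other
 * result.
 *
 * minor_status is a result of the call, so it is taken by pointer (as
 * gss_release_name already does) rather than by value.
 */
OM_uint32 gss_verify
  (OM_uint32 *,          /* minor_status */
   gss_ctx_id_t,         /* context_handle */
   gss_buffer_t,         /* message_buffer */
   gss_buffer_t,         /* token_buffer */
   int *                 /* qop_state */
  );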
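/*
 * V1 form of gss_wrap: protect input_message_buffer and return the
 * result in output_message_buffer.
 *
 * conf_state reports whether confidentiality was actually applied, so
 * it must be a pointer; a caller that asked for confidentiality
 * through conf_req_flag should check it before sending the output.
 * minor_status is likewise a result and is taken by pointer.
 */
OM_uint32 gss_seal
  (OM_uint32 *,          /* minor_status */
   gss_ctx_id_t,         /* context_handle */
   int,                  /* conf_req_flag */
   int,                  /* qop_req */
   gss_buffer_t,         /* input_message_buffer */
   int *,                /* conf_state */
   gss_buffer_t          /* output_message_buffer */
  );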
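/*
 * V1 form of gss_unwrap: verify and unpack input_message_buffer into
 * output_message_buffer.
 *
 * conf_state reports whether the message had been encrypted, so it
 * must be a pointer; a receiver that requires confidentiality should
 * check it as well as the returned major status.  minor_status is
 * likewise a result and is taken by pointer.
 */
OM_uint32 gss_unseal
  (OM_uint32 *,          /* minor_status */
   gss_ctx_id_t,         /* context_handle */
   gss_buffer_t,         /* input_message_buffer */
   gss_buffer_t,         /* output_message_buffer */
   int *,                /* conf_state */
   int *                 /* qop_state */
  );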
375 #endif /* GSSAPI_H_ */